cybozu garoon CVE Vulnerabilities (198)

CVEs: 198 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting cybozu garoon (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 120 of 198 CVEs
«« First « Prev Page 1 / 10 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-22888 Improper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, potentially blocking access to the product. [email protected] 6.9 0.40% 2026-02-02 2026-06-17
CVE-2026-22881 Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords. [email protected] 6.8 0.22% 2026-02-02 2026-06-17
CVE-2026-20711 Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords. [email protected] 6.9 0.22% 2026-02-02 2026-06-17
CVE-2024-39457 Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser. [email protected] 5.4 0.24% 2024-07-19 2026-06-17
CVE-2024-31402 Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos. [email protected] 4.3 0.30% 2024-06-11 2026-06-17
CVE-2024-31399 Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS) condition. [email protected] 6.5 0.37% 2024-06-11 2026-06-17
CVE-2024-31398 Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users. [email protected] 4.3 0.32% 2024-06-11 2026-06-17
CVE-2024-31397 Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS) condition. [email protected] 4.9 0.45% 2024-06-11 2026-06-17
CVE-2024-31404 Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler. [email protected] 4.3 0.30% 2024-06-11 2026-06-17
CVE-2024-31403 Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the data of Memo. [email protected] 5.4 0.29% 2024-06-11 2026-06-17
CVE-2024-31401 Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the product. [email protected] 9.0 0.50% 2024-06-11 2026-06-17
CVE-2024-31400 Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail. [email protected] 6.5 0.28% 2024-06-11 2026-06-17
CVE-2023-27384 Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport. [email protected] 4.3 0.52% 2023-05-22 2026-06-17
CVE-2023-27304 Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin. [email protected] 4.3 0.52% 2023-05-22 2026-06-17
CVE-2023-26595 Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition. [email protected] 6.5 0.53% 2023-05-22 2026-06-17
CVE-2022-31472 Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet. [email protected] 4.3 0.78% 2022-07-10 2026-06-17
CVE-2022-30943 Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin. [email protected] 4.3 0.80% 2022-07-10 2026-06-17
CVE-2022-30602 Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. [email protected] 8.1 0.97% 2022-07-10 2026-06-17
CVE-2022-29512 Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege. [email protected] 6.5 0.95% 2022-07-10 2026-06-17
CVE-2022-29892 Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS). [email protected] 6.5 1.00% 2022-07-04 2026-06-17
«« First « Prev Page 1 / 10 Next »
cvelogic Threat Intelligence